With a minor amount of fanfare "binary socket" support has been
added to Flash Player 9 / ActionScript 3.0. The Flash sandbox model
is primarily focused on preventing modifications to the local system,
and thus there are many ways to bypass the only-connect-back-upstream
and port<1024 limitations on the SWF applet Socket() class. A
(potentially malicious) server can override the limit with a
cross domain policy file on the server, or it can be overriden
locally at the player with a global setting/policy change, or
by configuring the applet as trusted.

The potential for network misuse possible in Flash just went up
several orders of magnitude, and as the Adobe site triumphantly
proclaims, it's apparently in use at 97.3% of networked computers.
I'll avoid some of the more exotic scenarios, lest they give
anyone some bad ideas - and leave this caveat at this warning.